package org.yi.web.security.entity;

import java.util.List;

import org.yi.core.annotation.TableBind;

import com.jfinal.plugin.activerecord.Model;

/**
 * 粗粒度权限控制， 只控制全局权限， 包括增、删、改、查、禁启用
 * 
insert into f_permission (name, description) values ("create", "添加");
insert into f_permission (name, description) values ("delete", "删除");
insert into f_permission (name, description) values ("update", "修改");
insert into f_permission (name, description) values ("query", "查询");
insert into f_permission (name, description) values ("ban", "禁用/启用");
 * @author Lenovo
 *
 */
@SuppressWarnings("serial")
@TableBind(name="f_permission")
public class PermissionEntity extends Model<PermissionEntity>{

	public static PermissionEntity dao = new PermissionEntity();
	
	public List<PermissionEntity> getPermissinsByRoles(List<RoleEntity> roles) {
		StringBuilder roleIds = new StringBuilder();
		for(RoleEntity role : roles) {
			roleIds.append("'").append(role.get("id")).append("'").append(",");
		}
		if(roleIds.length() > 1) {
			roleIds.deleteCharAt(roleIds.length() - 1);
		}
		return dao.find("select * from f_permission where id in (select permission_id from f_role_permission where role_id in ("+roleIds+"))");
	}
	
	public List<PermissionEntity> getPermissinsByRole(RoleEntity role) {
		String roleId = role.getStr("id");
		return dao.find("select * from f_permission where id in (select permission_id from f_role_permission where role_id = ?)", roleId);
	}
	
	public PermissionEntity getPermissinsByName(String permissionName) {
		return dao.findFirst("select * from f_permission where name = ?", permissionName);
	}
}
